github.com/razvanm/vanadium-go-1.3@v0.0.0-20160721203343-4a65068e5915/src/crypto/x509/root_unix.go (about)

     1  // Copyright 2011 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // +build dragonfly freebsd linux nacl netbsd openbsd solaris
     6  
     7  package x509
     8  
     9  import "io/ioutil"
    10  
// Candidate locations of the system trust anchors. initSystemRoots consults
// them in the order listed, so order is significant: whatever is found first
// becomes the root set used for this process.
var (
	// certFiles lists single-file PEM bundles. The search stops at the first
	// file that can be read.
	certFiles = []string{
		"/etc/ssl/certs/ca-certificates.crt",     // Debian/Ubuntu/Gentoo etc.
		"/etc/pki/tls/certs/ca-bundle.crt",       // Fedora/RHEL
		"/etc/ssl/ca-bundle.pem",                 // OpenSUSE
		"/etc/ssl/cert.pem",                      // OpenBSD
		"/usr/local/share/certs/ca-root-nss.crt", // FreeBSD/DragonFly
		"/etc/pki/tls/cacert.pem",                // OpenELEC
	}

	// certDirectories lists directories holding one certificate file per
	// entry. The search stops at the first directory from which at least one
	// certificate was loaded.
	certDirectories = []string{
		"/system/etc/security/cacerts", // Android
	}
)
    27  
// systemVerify performs no verification on the platforms selected by this
// file's build constraint: it ignores opts and returns no chains and no error.
//
// NOTE(review): a nil error from this stub does not mean the certificate was
// verified. Confirm that callers never treat (nil, nil) from this method as a
// successful verification on these platforms.
func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
	// The named results are still at their zero values, i.e. (nil, nil).
	return chains, err
}
    31  
// initSystemRoots sets systemRoots from the first usable trust-anchor source
// on disk: first the single-file bundles in certFiles, then the directories in
// certDirectories. If nothing can be loaded, systemRoots is left untouched.
//
// The files are read as-is; no ownership or permission check is made here, so
// the contents of these paths fully determine which roots this process trusts.
func initSystemRoots() {
	pool := NewCertPool()

	// Single-file bundles: the first path that can be read ends the search.
	// The result of AppendCertsFromPEM is deliberately not consulted in this
	// loop, so a readable file that yields no certificate still wins and
	// systemRoots is set to whatever the pool holds, possibly nothing.
	for _, path := range certFiles {
		pemBytes, err := ioutil.ReadFile(path)
		if err != nil {
			continue
		}
		pool.AppendCertsFromPEM(pemBytes)
		systemRoots = pool
		return
	}

	// Directory stores: every entry is read and offered to the pool. Unlike
	// the loop above, a directory is accepted only if at least one entry
	// actually contributed a certificate.
	for _, dir := range certDirectories {
		entries, err := ioutil.ReadDir(dir)
		if err != nil {
			continue
		}

		loaded := false
		for _, entry := range entries {
			pemBytes, err := ioutil.ReadFile(dir + "/" + entry.Name())
			if err != nil {
				// Unreadable entries are skipped, not treated as fatal.
				continue
			}
			if pool.AppendCertsFromPEM(pemBytes) {
				loaded = true
			}
		}

		if loaded {
			systemRoots = pool
			return
		}
	}

	// Nothing could be loaded. systemRoots is not assigned, so it stays nil,
	// which will trigger a specific error at verification time.
}